Jump to content

Blocking the Access to Multiple Files with .htaccess?


glassfish

Recommended Posts

I have around 14 script files for an admin page.

 

I am looking to block the access to 10 of them with .htaccess, so they can not get called up through the URL with the web browser, by for example guessing the name.

<Files index.php>
    Order Allow,Deny
    Allow from all
</Files>

How to set up, so I can have "those" 10 files in there?

 

Also, when comes to having an admin page and blocking the access to "those" script files is this the proper way to do it?

 

I would appreciate the suggestions a lot!

Edited by glassfish
Link to comment
Share on other sites

Easiest way would be to move the files outside of your sites root folder. Files outside of the root folder will not be accessible from a URL. This will not prevent PHP from accessing files.

 

Or place a .htaccess file inside the folders you don't want allow access to with the following

Deny from all
Link to comment
Share on other sites

If you don't want them called by a url, then why not move them above the public html files?

 

I have read this before, I am not quite understanding this.

 

If I have the "*.php" files inside the following folder with XAMPP:

htdocs/gallerysite/

To where do I move those files then?

Link to comment
Share on other sites

 

Easiest way would be to move the files outside of your sites root folder. Files outside of the root folder will not be accessible from a URL. This will not prevent PHP from accessing files.

 

Or place a .htaccess file inside the folders you don't want allow access to with the following

Deny from all

Thanks for the answer, I will try that in a minute.

I will try to have "those" script files inside an "includes" folder.

Can I just have that "line" you have there inside the ".htaccess" file and nothing else to it?

Link to comment
Share on other sites

Yes, just that line in a .htaccess file will work.

As for the first question, above the htdocs folder.  example

/home/myfile/htdocs/gallerysite

you could store in any folder in /home/myfile and no one would be able to call it with a url, because a url automatically points to the htdocs folder.  The server still has access to all folders though.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.